Linked by Thom Holwerda on Thu 19th Mar 2009 06:44 UTC, submitted by Moulinneuf
Privacy, Security, Encryption As he had already predicted, cracker Charlie Miller has won the PWN2OWN contest by cracking Safari and Mac OS X within seconds of the start of the competition. "It took a couple of seconds. They clicked on the link and I took control of the machine," Miller said after his accomplishment. He took home the USD 10000 prize, as well as the MacBook he performed the exploit on. Internet Explorer 8 fell a while later by cracker Nils, who also cracked Safari and Firefox after being done with IE8.
Thread beginning with comment 353844
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Sad to say
by Valhalla on Thu 19th Mar 2009 08:00 UTC in reply to "RE: Sad to say"
Member since:

In order to remotely attack a machine you need a way to deploy that attack. These days most operating systems (even windows) have realized that keeping alot of default ports open (listening) is stupid. So the best way to deploy your attack is pretty much through the web.

However some things bother me with this, they claim that they can take full control of the machine through the webbrowser, how exactly can they do that if the browser is running in userland under an account with user privileges? The way I see it they can only utilize the power given to the account which the browser is running under unless they also have some OS privilege-elevation exploit aswell?

Or are all these browsers being run under administrator privileges (which is pretty stupid)?

Reply Parent Score: 5

RE[3]: Sad to say
by -oblio- on Thu 19th Mar 2009 09:40 in reply to "RE[2]: Sad to say"
-oblio- Member since:

Windows XP - ~90% market share. Default user account is in the administrator's group. So the browser runs as this user, which is basically an administrator. Therefore ~90% of computer users run their web browsers with administrative privileges (or equivalent).

Reply Parent Score: 4

RE[3]: Sad to say - escalation
by jabbotts on Thu 19th Mar 2009 13:08 in reply to "RE[2]: Sad to say"
jabbotts Member since:

I hear that osX isn't too hard against privileged escalation. Anyone know if "unapproved" applications will still run simply by changing the identifier text file within the program's directories? (seen as a single object when only viewed through Finder)

It'll be interesting to see the details of the exploits used if/when they become available.

Reply Parent Score: 2

RE[3]: Sad to say
by ciplogic on Thu 19th Mar 2009 15:13 in reply to "RE[2]: Sad to say"
ciplogic Member since:

Rules of the game was clear: is not about to make user escalation, is about to get user data. And this without anything than a click on a link. Which is pretty shameful. What if I click on OSMEVS.COM and someone read all my home folder? Is not a funny experience!

Reply Parent Score: 5